Skip to content

Latest commit

 

History

History
81 lines (73 loc) · 2.5 KB

dotenv-vault.md

File metadata and controls

81 lines (73 loc) · 2.5 KB
Raw

back

dotenv-vault

dotenv vault is a tool to store .env values in a secure way accross diffenrent environments such as development, ci, staging or production. These environments can be changed on the dotenv project-site after login/registration. Per default, the main-branch is development. The content of the .env file can be synced to other branches/environments and will be based on development.
You can either use the cli directly or with predefined commands from package.json:

# without package.json:
npx dotenv-vault@latest open

# with package.json:
npm run vault:open

In the end, both commands will do the same thing: open or syncing your project with the specified environment in your dotenv-vault account. To sync the content with another environment than default development, supply the name after the open.

initial setup

# initialize project:
npm run vault:new
# login to dotenv-vault:
npm run vault:login
# open the project in dotenv-vault:
npm run vault:open

add and receive changes, sync content across envs:

# add changes
npm run vault:push
# retreive changes
npm run vault:pull
# sync with ci:
npm run vault:open:ci

setup ci/cd pipelines:

# add changes
npm run vault:push
# sync with ci environment:
npm run vault:open:ci
# build the env-vault:
npm run vault:build
# create ci-key:
npm run vault:keys:ci

Important: After the last command, the ci will output the decryption key for the ci environment. Copy this value and add it to your repository as secret(github-actions) or as a project environment variable (circle ci) unter the key DOTENV_KEY. The .env.vault file will be decrypted automatically.
For more information, take a look at the documentation

Manageable Environments

  • development (default): .env
  • ci: .env.ci
  • staging: .env.staging
  • production: .env.production

If more than the dev-environment is managed in the repository, you have to specify the environment to sync with.
This can be done by using the above commands with the environment name as suffix.
For the development environment, the suffix is not needed.
Example:

# push data to ci environment:
npm run vault:push ci

Known Issues

The .env file is set up to use composite env-variables.
These entries are currently removed from the .env file by the vault-cli and have to be added manually after syncing the file.

back